UNPKG

@dollhousemcp/mcp-server

Version:

DollhouseMCP - A Model Context Protocol (MCP) server that enables dynamic AI persona management from markdown files, allowing Claude and other compatible AI assistants to activate and switch between different behavioral personas.

158 lines (102 loc) 5.6 kB
--- name: "Security Vulnerability Report" description: "Comprehensive vulnerability assessment report with technical details and remediation guidance" type: "template" version: "2.0.0" author: "DollhouseMCP" created: "2025-07-23" category: "security" tags: ["vulnerability", "security", "assessment", "report", "remediation"] variables: - { name: "assessment_date", type: "string", required: true, description: "Date of the assessment" } - { name: "target_system", type: "string", required: true, description: "System or application being assessed" } - { name: "assessor_name", type: "string", required: true, description: "Name of the security assessor" } - { name: "assessment_type", type: "string", required: false, description: "Type of assessment (code_review, penetration_test, vulnerability_scan, architecture_review)", default: "code_review" } - { name: "client_name", type: "string", required: true, description: "Client organization name" } - { name: "classification", type: "string", required: false, description: "Report classification level", default: "CONFIDENTIAL" } - { name: "overall_risk_level", type: "string", required: false, description: "Overall risk level (CRITICAL, HIGH, MEDIUM, LOW)" } - { name: "findings_summary", type: "string", required: false, description: "Executive summary of findings with counts and key issues" } - { name: "vulnerability_stats", type: "string", required: false, description: "Pre-formatted table rows: | Severity | Count | Percentage |" } - { name: "business_impact", type: "string", required: false, description: "Business impact analysis with potential consequences" } - { name: "immediate_actions", type: "string", required: false, description: "Pre-formatted numbered list of priority actions with due dates" } - { name: "scope_description", type: "string", required: false, description: "Assessment scope and areas covered" } - { name: "methodology_details", type: "string", required: false, description: "Testing standards, tools, and approach used" } - { name: "limitations", type: "string", required: false, description: "Assessment limitations and constraints" } - { name: "detailed_findings", type: "string", required: false, description: "Pre-formatted vulnerability findings with ID, severity, CVSS, CWE, description, location, proof of concept, impact, remediation, and references for each" } - { name: "risk_matrix", type: "string", required: false, description: "Pre-formatted risk distribution table: | Risk Level | Count | Priority | Timeline |" } - { name: "phase1_tasks", type: "string", required: false, description: "Pre-formatted checklist of critical remediation tasks (0-7 days)" } - { name: "phase2_tasks", type: "string", required: false, description: "Pre-formatted checklist of high priority tasks (1-4 weeks)" } - { name: "phase3_tasks", type: "string", required: false, description: "Pre-formatted checklist of medium priority tasks (1-3 months)" } - { name: "cost_analysis", type: "string", required: false, description: "Pre-formatted cost-benefit table: | Remediation | Cost | Risk Reduction | ROI |" } - { name: "recommendations", type: "string", required: false, description: "Immediate security improvement recommendations" } - { name: "long_term_strategy", type: "string", required: false, description: "Long-term security strategy and program recommendations" } - { name: "security_metrics", type: "string", required: false, description: "Key security metrics and KPIs to track" } - { name: "testing_evidence", type: "string", required: false, description: "Testing evidence, screenshots, and supporting documentation" } - { name: "tool_output", type: "string", required: false, description: "Raw output from security testing tools" } - { name: "next_review_date", type: "string", required: false, description: "Date of next scheduled review" } --- # Security Vulnerability Assessment Report **Target System:** {{target_system}} **Assessment Date:** {{assessment_date}} **Assessor:** {{assessor_name}} **Client:** {{client_name}} **Assessment Type:** {{assessment_type}} **Report Classification:** {{classification}} --- ## Executive Summary ### Overall Security Posture **Risk Level:** {{overall_risk_level}} ### Summary of Findings {{findings_summary}} ### Key Statistics | Severity | Count | Percentage | |----------|-------|------------| {{vulnerability_stats}} ### Business Impact {{business_impact}} ### Immediate Actions Required {{immediate_actions}} --- ## Methodology ### Assessment Scope {{scope_description}} ### Testing Approach {{methodology_details}} ### Limitations {{limitations}} --- ## Detailed Findings {{detailed_findings}} --- ## Risk Assessment Matrix ### Overall Risk Distribution {{risk_matrix}} --- ## Remediation Roadmap ### Phase 1: Critical Issues (0-7 days) {{phase1_tasks}} ### Phase 2: High Priority (1-4 weeks) {{phase2_tasks}} ### Phase 3: Medium Priority (1-3 months) {{phase3_tasks}} ### Cost-Benefit Analysis {{cost_analysis}} --- ## Recommendations ### Immediate Security Improvements {{recommendations}} ### Long-term Security Strategy {{long_term_strategy}} ### Metrics and KPIs {{security_metrics}} --- ## Appendices ### Appendix A: Testing Evidence {{testing_evidence}} ### Appendix B: Tool Output {{tool_output}} --- **Report prepared by:** {{assessor_name}} **Date:** {{assessment_date}} **Next review date:** {{next_review_date}} *This report contains confidential and proprietary information. Distribution should be limited to authorized personnel only.*